Dear TC members,
In the past couple of weeks, I came across an instance of academic interest in the CACAO specification which I would like to bring to your consideration.
A publication from Philip Empl et al. (https://link.springer.com/article/10.1007/s10207-023-00760-5) proposes parsing unstructured remediation advisory information from CSAF in the ICS domain into CACAO playbooks. The use case serves to support vulnerability management in ICS. In the conclusion, the authors state that CSAF and CACAO are plausible, promising resources to this end.
On reading the paper, I thought it would be an interesting idea, perhaps, to connect CACAO playbooks more explicitly into CSAF, as a possible format for the "remediations" property in the CSAF standard. I'm curious to know what you think.
Kind regards,
Luca
P.S.: Partially related and FYI, another example of academic interest in CACAO: the University of Aachen, Germany, is opening Bachelor thesis projects about translating unstructured playbooks into CACAO format via LLMs.
------------------------------
Luca Morgese Zangrandi
Cybersecurity R&D
TNO
------------------------------